
Releases: BC-SECURITY/Empire

v4.5.4

26 Apr 16:15
542536d

[4.5.4] - 2022-04-26

  • Fixed typo from 4.5.3 with the bypass database model (@vinnybod)

v4.5.3

26 Apr 02:19
306480c

[4.5.3] - 2022-04-24

  • Fixed issue where default_response is needed for external/generate_agent (@Cx01N)
  • Added check if bypass language is compatible (@Cx01N)
  • Added error message formatting for listeners and stagers (@Cx01N)
  • Added zip to the Dockerfile which is necessary to create ms files such as docx (@junquera)

[4.5.2] - 2022-04-12

  • Fix string format errors in dbx listener (@awsmhacks)
  • Fix script_end error in schtasks.py (@harry-cmdzero)
  • Add workflows for doing the public releases (@vinnybod)
  • Pull out common code from listeners to a listener_utils module (@Cx01N)
  • Fix missing script_path and fix variable references in service_stager and service_exe_stager (@harry-cmdzero)

[4.5.1] - 2022-03-27

  • Fixed empire_config yaml property to include fields that don't exist on the config object (@vinnybod)

[4.5.0] - 2022-03-27

  • Updated changelog to use Keep a Changelog (@vinnybod)
  • Added tests for listener launchers (@vinnybod)
  • Add a step to run the test suite on the Docker image itself (@vinnybod)
  • Removed .plugin from the black configuration (@vinnybod)
  • Removed random caps from backdoorlnk (@Cx01N)
  • Added html files for listener responses (@Cx01N)
  • Converted server config to a typed class (@vinnybod)
  • Add keyword obfuscation to the config.yaml (@vinnybod)
  • Fix proxy_creds variable name in bypassuac (@Cx01N)
  • Updated launcher_bat to use web request for launcher (@Cx01N)
  • Updated malleable profiles with banzarloader (@Cx01N)
  • Added C# execution modules (@Cx01N)
  • Add tests for launcher code (@vinnybod)
  • Split ls/dir command line to get the first element for ls/dir command (@CyrilleFranchet)
  • Updated lastwritetime on ls/dir command (@CyrilleFranchet)
  • Fix script_end variable on privesc/ask module (@CyrilleFranchet)
  • script_import will upload a file from the client's machine (@Cx01N)

Empire v4.4.1

16 Mar 05:46
cde97c6

3/6/2022

  • Version 4.4.1 Master Release
    - Fixed agent generation with custom headers (@Hubbl3)
    - Fixed missing quote in get_users.yaml (@Cx01N)
    - Fixed displaying info for plugins (@Cx01N)
    - Fixed legacy plugin loading to ignore folders (@Cx01N)
    - Removed http_mapi.ps1
    - Removed comment that global obfuscation and keyword obfuscation cannot be combined (@Cx01N)

2/14/2022

  • Version 4.4.0 Master Release
    - Added auto copy to clipboard feature (@Cx01N)
    - Added directory settings to yaml for downloads/stagers/obfuscated_modules (@Cx01N)
    - Added C# process injection module (@Cx01N)
    - Added bypass yamls for PowerShell (@Hubbl3)
    - Added Black and Isort integration (@vinnybod)
    - Added tests for loading and generating scripts with defaults (@vinnybod)
    - Updated Psinject to use updated version of reflective pick and bypasses (@Hubbl3)
    - Fixed check for preobfuscation of files (@Cx01N)
    - Fixed issue with plugins using tuple (@vinnybod)
    - Removed random capitalization function for listeners (@Cx01N)
    - Removed meterpreter and mapi listeners (@Cx01N)
    - Powerview - added functions for group managed service accounts and fine grained pw pol (@jfmaes)

Full Changelog: v4.3.3...v4.4.1

Empire v4.3.3

25 Jan 02:30
d60f36d

1/24/2022

  • Version 4.3.3 Master Release
    - Added a hook for when an agent is fully checked in (stage2) (@vinnybod)

1/14/2022

  • Version 4.3.2 Master Release
    - Fixed issues with variable names in Mimikatz & Privesc modules (@sbrun)
    - Fixed issue with Invoke-Obfuscation not being properly called (@Cx01N)
    - Add dotnet install to dockerfile (@vinnybod)

1/8/2022

  • Version 4.3.1 Master Release
    - Fixed issue with module variables referenced before assignment or undefined (@vinnybod)
    - Fixed bug with Invoke-Seatbelt caused by variable name mismatch (@vinnybod)
    - Fixed IronPython exit/shutdown issue (@Cx01N)
    - Fixed ToLower() bug in PowerShell agent when using route (@CyrilleFranchet)
    - Fixed multiline shell output bug (#491) (@CyrilleFranchet)
    - Added dir command to the file browser hook (@CyrilleFranchet)
    - Generate test account with secure rng (@moloch--)
    - Add Invoke-FodhelperProgIDs module (@m1m1k4tz)
    - Add Invoke-VeeamGetCreds module (@sadshade)

12/23/2021

  • Version 4.3.0 Master Release
    - Updated Invoke-Seatbelt, Invoke-Rubeus, & Invoke-WinPeas (@Cx01N)
    - Updated C# modules: Seatbelt, SharpSploit (@Cx01N)
    - Updated profiles to include APT29 (@Cx01N)
    - Updated Mimikatz to 20210810-2 (@Cx01N)
    - Updated reset script to remove c# tasks and generated-stagers (@Cx01N)
    - Added obfuscation options into Empire CLI (@Cx01N)
    - Added Invoke-BOF module (@Cx01N)
    - Added C# server plugin to run on startup (@Cx01N)
    - Added autostart plugin with options to config file (@Cx01N)
    - Added upload & download options for Empire CLI (@Cx01N)
    - Added Plugin folders and extensions (@Cx01N)
    - Added C# redirector (@Cx01N)
    - Added Invoke-DownloadFile (@Cx01N)
    - Added error message in client for file downloads >1MB (@Cx01N)
    - Moved NVNC and Sharpire as C# submodules (@Cx01N)
    - Fixed Invoke-Assembly (@Cx01N)
    - Fixed osx/clipboard & pilliageuser modules (@Cx01N)
    - Removed unused wiki workflows (@Cx01N)

Full Changelog: v4.2.0...v4.3.3

Empire v4.2.0

07 Dec 04:17
6d8169a

11/1/2021

  • Version 4.2.0 Master Release
    - Added reverseshell & cmd launchers with reverseshell (@Cx01N)
    - Added ironpython to compile through empire with embedded std lib (@Cx01N)
    - Added proxy (SOCKS/TOR/HTTP) pivots to python agents (@Cx01N)
    - Added notifications in bottom toolbar for plugins and agents (@Cx01N)
    - Added C# VNC server (@Cx01N)
    - Added extended rights for certificate templates (@daem0nc0re)
    - Added donut for shellcode generation (@Cx01N)
    - Updated WMI persistence and bug fixes (@janit0rjoe)
    - Updated covenant compiler (@Hubbl3)
    - Updated csharp powershell launcher to compile through empire (@Hubbl3)
    - Fixed formatting error in enable_rdp (@jamarir)
    - Fixed nim launcher to run internal to exe (@Cx01N)
    - Fixed misc python module errors (@Cx01N)
    - Fixed outfile message displaying wrong directory (@Cx01N)
    - Removed sRDI for shellcode (@Cx01N)

Empire v4.1.3

28 Sep 04:33
def7d52

9/28/2021

  • Version 4.1.3 Master Release
    - Fixed output from files throwing an error for the client (@Cx01N)

9/21/2021

  • Version 4.1.2 Master Release
    - Removed pyminifier as a dependency to prevent install errors (@Cx01N)

9/20/2021

  • Version 4.1.1 Master Release
    - Add OutputFunction to dcsync_hashdump (@jamarir)
    - Convert file operations to use with syntax (@jamarir)
    - Added Invoke-IronPython3 and some OffensiveDLR fixes (@Cx01N)
    - Fix for (#476) - String indices error ms16-032 & ms16-135 (@Cx01N)
    - Fix help menu text on the interact menu (@archcloudlabs)
    - Rework agent taskings in the client to not poll for a result (@Cx01N)
    - Added Python agents to the external/generate_agent module (@Cx01N)
    - Update add_sid_history module command (@ilanisme)

8/29/2021

  • Version 4.1.0 Master Release
    - Correct issue where install script would break depending on the current working directory (@vinnybod)
    - Empire client now refreshes listener list after killing a listener (@vinnybod)
    - Removed the wiki and added a link to the new docs (@vinnybod)
    - Added the initial filtering/hooking feature (@vinnybod)
    - Fix an issue where the docker builds would not run because it was deleting the database (@vinnybod)
    - Added autocomplete for taskings in the Empire Client and added a command to view a specific task (@Cx01N)
    - Updated the OutputFunction feature to allow for arbitrary values (@vinnybod)
    - Added an IronPython3 agent (@Cx01N)

Empire v4.0.2

17 Aug 05:28
ce332b5

8/16/2021

  • Version 4.0.2 Master Release
    - Added socketio messages to screenshot/download/upload (@Cx01N)
    - Added help message when no input is given to empire.py (@Cx01N)
    - Fixed missing slash for module directories (@Cx01N)
    - Fixed modules Get-SQLServerLoginDefaultPw and PortScan (@jamarir)
    - Fixed formatting bug in the options table on the listener menu (@vinnybod)
    - Fixed querying retain-last-value config parameters (@ilanisme)
    - Fixed invalid concat on keylogs (@Cx01N)
    - Fixed mimikatz command and added suggested values (@Cx01N)
    - Fixed misc bugs (@vinnybod)
    - Updated suggested values for stagers and reformatted code (@Cx01N)
    - Updated editlistener menu (@vinnybod)
    - Removed client suppression for job started taskings (@Cx01N)

Empire v4.0.1

27 Jul 04:03
886e513

7/19/2021

  • Version 4.0.1 Master Release
    • Added API endpoints for sleep/jitter to agents (@Cx01N)
    • Added sleep command to CLI (@Cx01N)
    • Added sleep/jitter option to C# agents (@Hubbl3)
    • Fix for Invoke-Obfuscation installation
    • Added PrintNightmare module (@Cx01N)

6/28/2021

  • Version 4.0.0 Master Release
    • Breaking Changes
      • Removed old Empire CLI and cmdloop from server (@Cx01N)
      • The credential create endpoint now accepts a single credential instead of a list
      • Some endpoints which were previously throwing 500s when not found, now properly return a 404
      • Plugin endpoints and socketio channels renamed to plural (plugin -> plugins) to match naming convention of other resources (@vinnybod)
    • New Features
      • Integrated server and client into Empire (@Cx01N, @vinnybod)
      • Introduced C# agents (@Hubbl3)
      • Integrated Covenant Roslyn compiler for task compilation (@Hubbl3)
      • Covenant Task compatibility (@Hubbl3, @vinnybod)
      • Added support for 'suggested values' on the server and auto completing the suggested values in the CLI (@vinnybod)
      • Added new launch parameters for starting server/client (@Cx01N, @vinnybod)
      • Added Offensive DLR Modules: IronPython, ClearScript, & Boolang (@Cx01N)
      • Added MS16-051 stager (@Cx01N)
      • Added Start-ProcessAsUser module (@Cx01N)
      • Added NTLM-Extract module (@Cx01N)
      • Added Invoke-SharpSecDump module (@Cx01N)
      • Added scriptimport and scriptcommand to API (@Cx01N)
      • Added auto generate certificate function to startup script (@Cx01N)
      • Added Invoke-SpoolSample (@Cx01N)
      • Added redirector chaining and proper tunneling (@Cx01N)
      • Updated pycrypto to pycryptodome (@Cx01N)
      • Updated PowerDump with AES NTLM hashes (@Cx01N)
      • Updated cert/install/reset script with new directories (@Cx01N)
      • Updated all modules to new YAML format (@vinnybod, @Cx01N)
      • Updated to Mimikatz 2.2.0 20210531 X11 RDP Clients (@Cx01N)
      • Removed M2Crypto dependency (@Cx01N)
      • Simplified kill/remove commands and added 'all' and 'stale' options (@Cx01N)
      • Removed the need for manual database timestamp updates, merge taskings and results table to a single table (@vinnybod)
      • Added a socketio event for when tasking results come back (@vinnybod)
      • Readded rastamouse's bypass (@Cx01N)
      • Added a 'since' query parameter to the tasks endpoint for more efficient querying (@vinnybod)
      • Added socketio tasking event handler to CLI for displaying task results in the interact menu (@vinnybod)
      • Install script prompts for xar, bomutils, openjdk, and dotnet for a more streamlined install (@vinnybod)
      • Install script now includes dotnet (@vinnybod)
      • Dockerfile size decreased by ~1GB by only installing the essentials. There is a note in the README (@vinnybod)
      • Made powershell bypasses dynamic. Now set with a single field Bypasses and they will be applied in the order provided (@vinnybod)
      • Added API endpoints for managing bypasses (@vinnybod)
      • Add processor architecture to powershell, csharp, and python agents (@vinnybod)
      • Add a display command to interact menu (@vinnybod)
      • Add additional endpoints for credential for get, update, and delete (@vinnybod)
      • Add create, update, remove credential functionality to the CLI (@Cx01N)
      • Add an "output function" option on several modules (@jamarir)
      • Updated shellcoderdi to newest version (@Cx01N)
      • Added a Nim launcher (@Hubbl3)

Empire v3.8.2

06 Apr 04:43
9259e51

3/28/2021

  • Version 3.8.2 Master Release
    - Fixed issue with try/catch preventing agent connections for http_hop/http listeners (@Cx01N)

3/22/2021

  • Version 3.8.1 Master Release
    - Fixed http_hop listener options not being copied properly (@Cx01N)

3/7/2021

Empire v3.7.2

21 Feb 19:11
1bf3d51
  • Version 3.7.2 Master Release
    - Fixed Malleable C2 issue where netbios/netbiosu transformations used excessive resources (@Cx01N)
    - Fixed error when loading http_hop listener options (@Cx01N)

  • Version 3.7.1 Master Release (Kali Build Only)
    - Added Kali message to main menu

  • Version 3.7.0 Master Release
    - Revamped backend database from direct sqlite3 to SQLAlchemy (@Cx01N, @vinnybod)
    - Added new Empire CLI to packaging (@vinnybod)
    - Added malleable C2 profiles to empire directory: /data/profiles (@Cx01N)
    - Added --teamserver option to launcher (@Cx01N)
    - Added support for logging into Empire from multiple locations (@vinnybod)
    - Added Invoke-WireTap (@Cx01N)
    - Added Invoke-SauronEye (@Cx01N)
    - Added Invoke-SharpLoginPrompt (@Cx01N)
    - Fixed OneDrive Listener with new database (@Cx01N)
    - Removed need to run setup database script (@vinnybod)
    - Updated docker image to use the locked dependencies in pyproject.toml (@vinnybod)